Real-Time Heists - The Daily Gwei #310
The entertainment never ends in crypto.
Hacks, exploits and rug-pulls unfortunately happen quite regularly in the DeFi space and these days no one is really surprised when a protocol is hit by one. Though yesterday’s exploit involving Poly Network was a bit different as it was the largest DeFi-related exploit in history with a massive $600 million+ being stolen by what seemed like a lone actor.
What I’ve always found incredibly fascinating about these hacks is that they are like heists that everyone in the world can follow along with in real-time. For example, with the Poly Network exploit, Twitter lit up within minutes of the first report about it being broadcast and everyone was glued to various block explorers as they watched the hacker move funds around and even embed weird messages into Ethereum transactions. It’s basically peak entertainment for the crypto industry because for the first few hours after the hack people are working diligently to piece it all together and sharing it all in real-time on Twitter which means us mere mortals can enjoy the show (while maybe snacking on some popcorn).
Now, given that pretty much everything involving Ethereum is totally transparent, it means that an exploit can be identified, reported on and the lessons learned can be shared with the entire world in a matter of hours whereas something like this would take years in the traditional systems, cost millions of dollars in legal fees, and be a totally opaque process. On top of that, the only attempts at “fixing” the underlying issues in the traditional system is increased regulation (which I believe just ends up doing more harm than good).
Even though it seems like there are more hacks/exploits than ever before, I think that this is just a symptom of how big the industry has gotten. There are hundreds of new projects spinning up every month on Ethereum and some of these are bound to have security holes in them or just turn out to be straight up scams. Though the fact that the space is innovating and iterating so quickly means that developers can learn from these lessons and build safer and more robust applications as time goes on. I mean, when’s the last time that any of the top DeFi protocols (Uniswap, Aave, Compound, Maker etc) were hacked or exploited?
Anyway, the last thing I saw about the Poly Network exploit was that the hacker is returning the funds and to be honest I’m not even surprised by this. Not only were they identified due to their very sloppy work (they sent coins to their address from a centralized exchange they had KYC’d at), but hoping to cash out most of that money is a pipe dream. So maybe it was just some script kiddie who got ahead of himself or maybe it was an inside job gone wrong - I’m betting we’ll end up finding out sooner rather than later.
Have a great day everyone,
Enjoyed today’s piece? I send out a fresh one every week day - be sure to subscribe to receive it in your inbox!
Join the Daily Gwei Ecosystem
All information presented above is for educational purposes only and should not be taken as investment advice.